Recently a major gas pipeline and a major meat producer in the US were taken down by ransomware attacks. Now, we have a new assault, CNet reports. This time the hackers hit a Miami-based company that provides tech-management tools to organizations worldwide.
Hundreds of companies, including a railway, pharmacy chain, and grocery chain in Sweden, have reportedly been affected by the attack on software company Kaseya.
Information technology company Kaseya warned 40,000 clients that there was a โpotential attackโ on its VSA tool, which is used to manage computers remotely.
The company posted a security advisoryย to its help desk site, urging customers to shut down their servers running the service.ย They recommended that the customers shut down immediately.
Most authorities believe the same group of criminals behind the attack on JBS Meats engineered the current assault.
Huntress Labโs John Hammondย told NPRย that this was โa colossal and devastating supply chain attack.โ He suspects a major ransomware syndicate, the REvil gang, was behind the attack. REvil largely works out of Russia and nothing goes on in Russia without Putinโs approval.
Biden just met with Putin in Geneva warning him against the cyber attacks. Given Bidenโs mental state, that was more like an invitation to attack.
Biden has done nothing about the attacks so far and that means these attacks are guaranteed to get worse. He did launch an investigation into this latest attack.
The cybercriminals sent two different ransom notes: one for $50,000 to smaller companies and one for $5 million to larger organizations.
โIt is absolutely the biggest non-nation state supply-chain cyberattack that weโve ever seen,โ Allan Liska, a researcher with the cybersecurity firm Recorded Future,ย told theย Washington Post.ย โAnd itโs probably the biggest ransomware attack weโve seen, at least the biggest since WannaCry.โ
While Kaseya says that only 40 direct customers had been affected, one cybersecurity company identified eight managed service providers (MSPs) with more than 200 clients whose networks were partially or completely shut down.
Cybersecurity researcher Jake Williams, president of Rendition Infosec, told NPR that the attack was likely timed to coincide with the 4th of July holiday when IT staffs are typically thin.ย โThereโs zero doubt in my mind that the timing here was intentional,โ he said.
Washington Post:
Ransomware attacks increased significantly in frequency and severity during 2020. A report from a task force of more than 60 experts said nearly 2,400 governments, health-care systems and schools in the country were hit by ransomware in 2020. Organizations paid attackers more than $412 million in ransoms last year, according to the analysis firm Chainalysis.
After a May attack on Colonial Pipeline โ which led to panicked lines at gas pumps and empty fuel stations โ the U.S. government increased its emphasis on addressing cybersecurity issues and urged corporate America to strengthen its computer security.
Ransomware attacks have been on the rise as hackers band together and form cybercriminal gangs to extort companies for payment. The attacks are often carried out by attackers in Russia and Eastern Europe.
Itโs unclear how the hackers gained access originally to Kaseyaโs systems but the company has been a frequent target of criminal gangs because it represents an access point for tens of thousands of companies.
Subscribe to the Daily Newsletter
wpDiscuz
